{"id":"CVE-2022-49032","summary":"iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw","details":"In the Linux kernel, the following vulnerability has been resolved:\n\niio: health: afe4404: Fix oob read in afe4404_[read|write]_raw\n\nKASAN reports an out-of-bounds read as follows:\n\nBUG: KASAN: global-out-of-bounds in afe4404_read_raw+0x2ce/0x380\nRead of size 4 at addr ffffffffc00e4658 by task cat/278\n\nCall Trace:\n afe4404_read_raw\n iio_read_channel_info\n dev_attr_show\n\nThe buggy address belongs to the variable:\n afe4404_channel_leds+0x18/0xffffffffffffe9c0\n\nThis issue can be reproduced by a single command:\n\n $ cat /sys/bus/i2c/devices/0-0058/iio\\:device0/in_intensity6_raw\n\nThe array size of afe4404_channel_leds and afe4404_channel_offdacs\nare less than channels, so access with chan-\u003eaddress causes an OOB read\nin afe4404_[read|write]_raw. Fix it by moving access before use them.","modified":"2026-04-02T08:27:15.232837Z","published":"2024-10-21T20:06:35.864Z","related":["SUSE-SU-2024:3983-1","SUSE-SU-2024:3985-1","SUSE-SU-2024:4082-1","SUSE-SU-2024:4131-1","SUSE-SU-2024:4313-1","SUSE-SU-2024:4317-1","SUSE-SU-2024:4364-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49032.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/113c08030a89aaf406f8a1d4549d758a67c2afba"},{"type":"WEB","url":"https://git.kernel.org/stable/c/3f566b626029ca8598d48e5074e56bb37399ca1b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5eb114f55b37dbc0487aa9c1913b81bb7837f1c4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/68de7da092f38395dde523f2e5db26eba6c23e28"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d45d9f45e7b1365fd0d9bf14680d6d5082a590d1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f5575041ec15310bdc50c42b8b22118cc900226e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f7419fc42afc035f6b29ce713e17dcd2000c833f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/fc92d9e3de0b2d30a3ccc08048a5fad533e4672b"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49032.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49032"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"b36e8257641a043764c62240316610c81e36376c"},{"fixed":"68de7da092f38395dde523f2e5db26eba6c23e28"},{"fixed":"113c08030a89aaf406f8a1d4549d758a67c2afba"},{"fixed":"f5575041ec15310bdc50c42b8b22118cc900226e"},{"fixed":"3f566b626029ca8598d48e5074e56bb37399ca1b"},{"fixed":"5eb114f55b37dbc0487aa9c1913b81bb7837f1c4"},{"fixed":"f7419fc42afc035f6b29ce713e17dcd2000c833f"},{"fixed":"d45d9f45e7b1365fd0d9bf14680d6d5082a590d1"},{"fixed":"fc92d9e3de0b2d30a3ccc08048a5fad533e4672b"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49032.json"}}],"schema_version":"1.7.5"}